github/RRG-Proxmark3
1
0
Fork 0
mirror of https://github.com/RfidResearchGroup/proxmark3.git synced 2025-08-21 13:53:55 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

Update hf-writer.lua

Browse source 
Adapted your script to the coding standards
This commit is contained in:
Winds 2020-03-18 13:39:10 +03:00
commit 6b30e1ab00
1 changed files with 122 additions and 89 deletions
Download patch file Download diff file Expand all files Collapse all files

107
client/luascripts/hf-writer.lua
View file

@ -7,6 +7,28 @@ local a = 0
local b = 0 local b = 0
local tab = string.rep('-', 64) local tab = string.rep('-', 64)
copyright = ''
author = 'Winds'
version = 'v1.0.0'
desc = [[
That's script gives for you a easy way to write your an *.eml dumps, using a Proxmark 3.
It's working for 4 and 7 bytes NXP MIFARE Classic 1K cards.
The script has including an injection of UID changig for the Chinese Magic Cards GEN 3.
Whith choosen an *.eml file you can do:
1. Write it to the equals of current card UID.
2. Write it to anther card with changable UID.
3. Send command to lock UID for the Chinese Magic Cards GEN 3.
4. Erease all data at the card and set the FFFFFFFFFFFF keys, and Access Conditions to 78778800.
]]
example = [[
1. script run hf-writer
]]
usage = [[
You should choose your *.eml dump from being list to write it to the card by wizard
]]
local function read() local function read()
u = read14a.read(true, true).uid u = read14a.read(true, true).uid
return u return u
@ -22,23 +44,25 @@ local function finish()
core.clearCommandBuffer() core.clearCommandBuffer()
end end
local function wait() read14a.waitFor14443a() end local function wait()
read14a.waitFor14443a()
end
wait() local function main(args)
--File lienght check for detect 4 or 7 bytes
print(tab) wait()
print(tab)
if string.len(read()) == 14 then -- Detect 7 byte card if string.len(read()) == 14 then -- Detect 7 byte card
l = 29 -- 7 byte length of eml file l = 29 -- 7 byte length of eml file
s = 7 s = 7
e = 20 e = 20
else else
l = 23 -- 4 byte length of eml file l = 23 -- 4 byte length of eml file
s = 7 s = 7
e = 14 e = 14
end end
---Listern EML files at Client catalog
for _ in io.popen([[dir ".\" /b]]):lines() do -- for UNIX: ls for _ in io.popen([[dir ".\" /b]]):lines() do -- for UNIX: ls
if string.find(_, '%.eml$') then if string.find(_, '%.eml$') then
if string.len(_) == l then -- There length of eml file if string.len(_) == l then -- There length of eml file
a = a + 1 a = a + 1
@ -46,22 +70,22 @@ for _ in io.popen([[dir ".\" /b]]):lines() do -- for UNIX: ls
print(' ' .. a .. ' ' .. '|' .. ' ' .. uid[a]) print(' ' .. a .. ' ' .. '|' .. ' ' .. uid[a])
end end
end end
end end
print(tab) print(tab)
print(' Your card has ' .. read() .. ' UID number\n') print(' Your card has ' .. read() .. ' UID number\n')
print(' Choice your dump number to write (from 1 until ' .. a .. ')') print(' Choice your dump number to write (from 1 until ' .. a .. ')')
print(tab) print(tab)
io.write(' --> ') io.write(' --> ')
local no = tonumber(io.read()) local no = tonumber(io.read())
local dump = io.open('./hf-mf-' .. uid[no] .. '-data.eml', 'r'); local dump = io.open('./hf-mf-' .. uid[no] .. '-data.eml', 'r');
print(tab) print(tab)
print(' You have been selected ' .. no .. ' card dump, it UID is ' .. uid[no]) print(' You have been selected ' .. no .. ' card dump, it UID is ' .. uid[no])
---EML get B key from opened EML file
for _ in dump:lines() do table.insert(eml, _); end for _ in dump:lines() do table.insert(eml, _); end
for i = 1, #eml do for i = 1, #eml do
if (i % 4 == 0) then if (i % 4 == 0) then
repeat repeat
b = b + 1 b = b + 1
@ -69,34 +93,34 @@ for i = 1, #eml do
string.len(eml[i])) -- Cut key from block string.len(eml[i])) -- Cut key from block
until b % 4 == 0 until b % 4 == 0
end end
end end
print(tab) print(tab)
---UID Changing
if (utils.confirm(' Do the UID changing?') == true) then if (utils.confirm(' Do the UID changing?') == true) then
wait() wait()
core.console('hf 14a raw -s -c -t 2000 90f0cccc10' .. tostring(eml[1])) core.console('hf 14a raw -s -c -t 2000 90f0cccc10' .. tostring(eml[1]))
print(tab) print(tab)
print(' The new card UID is: ' .. read()) print(' The new card UID is: ' .. read())
end end
print(tab) print(tab)
---UID Blocking
if (utils.confirm(' Would you like to BLOCK the UID for any changing?') == true) then if (utils.confirm(' Would you like to BLOCK the UID for any changing?') == true) then
wait() wait()
core.console('hf 14a raw -s -c -t 2000 90fd111100') core.console('hf 14a raw -s -c -t 2000 90fd111100')
end end
print(tab) print(tab)
---Wriiting block
if (utils.confirm(' At this case are you using a Blank Card?') == true) then if (utils.confirm(' At this case are you using a Blank Card?') == true) then
wait() wait()
for i = 1, #eml do for i = 1, #eml do
core.console('hf mf wrbl ' .. (i - 1) .. ' B ' .. fkey() .. ' ' .. core.console('hf mf wrbl ' .. (i - 1) .. ' B ' .. fkey() .. ' ' ..
tostring(eml[i])) tostring(eml[i]))
end end
print(tab) print(tab)
else else
print(tab) print(tab)
if (utils.confirm( if (utils.confirm(
' Do you wishing DELETE ALL DATA and rewrite all keys to ' .. fkey() .. ' Do you wishing DELETE ALL DATA and rewrite all keys to ' .. fkey() ..
@ -120,5 +144,14 @@ else
' ' .. tostring(eml[i])) ' ' .. tostring(eml[i]))
end end
end end
end
finish()
end end
finish() main(args)
---General thinks for the future:
---Add support another types of dumps: BIN, JSON
---Maybe it will be not only as `hf-writer`, like a universal dump manager.
---Add undependence from the operation system. At the moment code not working in Linux.
---Add more chinesse backdoors RAW commands for UID changing (find RAW for the 4 byte familiar chinese card, from native it soft: http://bit.ly/39VIDsU)
---Hide system messages when you writing a dumps, replace it to some of like [#####----------] 40%